Skip to content
#

vulnerabilities

Star

Here are 475 public repositories matching this topic...

Language: All
Filter by language
All 475 Python 137 JavaScript 42 Shell 32 Java 24 Go 23 PHP 23 HTML 22 C 21 Ruby 10 Jupyter Notebook 8
Sort: Best match
Sort options
Best match Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

future-architect / vuls

Star 9.1k

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

go linux golang freebsd security security-audit administrator cybersecurity security-vulnerability vulnerabilities security-hardening vulnerability-detection vulnerability-management vulnerability-scanners security-scanner vulnerability-assessment vuls security-automation security-tools vulnerability-scanner
  • Updated Mar 21, 2022
  • Go

aquasecurity / kube-hunter

Star 3.6k
Open

Azure Cloud Checks - Make Optional

1
goffinf
goffinf commented Mar 18, 2019

I note that there is a check whether the cluster is deployed into Azure Cloud .. see below.

I don't have a problem with that per se except that in a corporate environment I don't want to request a proxy whitelist exception with my CISO for an endpoint that we have no use for (http://www.azurespeed.com). Moreover, whilst this test will eventually timeout and the checks resume, it delays the pro

Read more
enhancement good first issue on pull request
grype

anchore / grype

Star 3.2k
Open

add basic instructions for compiling binaries to install readme

2
fmtbkgiddiqq
fmtbkgiddiqq commented Jan 10, 2022

What would you like to be added:

Please add some basic instructions for compiling the binaries to the install readme as an alternative to curl to bash.

Why is this needed:

Some folks are uncomfortable with the security implications of curl to bash

There are additional use cases where users may wish to modify the functionality of the project to better fit their needs

**Addit

Read more
documentation enhancement good first issue

anchore / anchore-engine

Star 1.4k
dependency-track

DependencyTrack / dependency-track

Star 1k
Open

Migrate Swagger to OpenAPI 3

2
stevespringett
stevespringett commented Nov 18, 2020

The current swagger definition is autogenerated. The automatically generated definitions rely on reflection and annotations to create the documentation. The reflection capabilities are poor at best and lead to missing API parameters. Annotations can help in some cases, but the only fix for Swagger is to create individual POJOs for every possible request. This will lead to unnecessary large number

Read more
enhancement help wanted p2 good first issue

opencve / opencve

Star 993
Open

Products are mainly associated with a vulnerabilty and not vulnerable

Steppenw01f
Steppenw01f commented Mar 6, 2022

The products and vendors, which are listed in the affected Column of a CVE are often not vulnerable.
For example:
The CVE-2021-44738 has multiple configurations, but only one of each configuration is vulnerable.
From the first configuration only "b2236_firmware" is vulnerable, but not "b2236", if you check the JSON object.
<img width="603" alt="Screenshot 2022-03-06 013750" src="https://user-i

Read more
enhancement good first issue

Improve this page

Add a description, image, and links to the vulnerabilities topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the vulnerabilities topic, visit your repo's landing page and select "manage topics."

Learn more